26 matches found
CVE-2002-1123
CVE-2002-1123 is a buffer overflow in the authentication function of Microsoft SQL Server 2000 and MSDE 2000 triggered by a long TCP 1433 request, enabling remote code execution. Public writeups and scanners (MS02-056, Metasploit/MSF module, OpenVAS checks) confirm the existence of the Hello Over...
CVE-2000-1209
The CVE-2000-1209 issue affects Microsoft SQL Server 2000, SQL Server 7.0, and Data Engine (MSDE) 1.0 where the sa account is installed with a default null password. This enables remote attackers to gain privileges and was exploited by worms such as Voyager Alpha Force and Spida, with third-party...
CVE-2002-0643
The CVE-2002-0643 issue concerns Microsoft Data Engine 1.0 (MSDE 1.0) and Microsoft SQL Server 2000: the installation creates setup.iss files with insecure permissions and does not delete them after installation, enabling local users to access sensitive data such as the sa password and potentiall...
CVE-2008-0106
CVE-2008-0106 describes a buffer overflow in Microsoft SQL Server 2005 SP1/SP2 and SQL Server 2005 Express SP1/SP2 that could allow remote authenticated users to execute arbitrary code via a crafted insert statement. The connected KB article MS08-040 (KB941203) confirms Microsoft released a secur...
CVE-2008-0086
CVE-2008-0086 corresponds to vulnerabilities addressed by MS08-040. The Connected KB (KB941203) states MS08-040 resolves four privately disclosed vulnerabilities in Microsoft SQL Server products, with the more serious one enabling code execution and full system compromise if exploited. The CVE de...
CVE-2008-0107
CVE-2008-0107 is a memory corruption vulnerability in multiple SQL Server lineage components (SQL Server 7.0, SQL Server 2000/2005, MSDE/WYukon) triggered by a crafted on-disk file path supplied via SMB or WebDAV, leading to a heap-based buffer overflow. The flaw permits remote authenticated user...
CVE-2002-1145
The CVE-2002-1145 entry describes a privilege-escalation issue in the Web Tasks xp_runwebtask stored procedure for Microsoft SQL Server 7.0, SQL Server 2000, MSDE 1.0, and MSDE 2000. The vulnerability arises because xp_runwebtask can be executed by PUBLIC, allowing an attacker to update a webtask...
CVE-2002-0721
The CVE-2002-0721 issue affects Microsoft SQL Server 7.0 and 2000 where extended stored procedures with weak permissions (xp_execresultset, xp_printstatements, xp_displayparamstmt) can allow an unprivileged user to execute procedures with administrator privileges. CERT advisories describe the ris...
CVE-2002-0649
CVE-2002-0649 describes a remote buffer-overflow in the SQL Server Resolution Service of Microsoft SQL Server 2000 and MSDE (port 1434/UDP). The vulnerability is triggered by UDP packets beginning with 0x04 (long registry key name) or 0x08 (long string), which can cause a denial of service or arb...
CVE-2008-0085
CVE-2008-0085 describes a memory handling flaw in multiple SQL Server products (SQL Server 7.0, 2000, 2005 and related Desktop Engine variants) where memory pages are not initialized during reallocations, enabling a potential disclosure of sensitive data via memory-page reuse. Connected Microsoft...
CVE-2000-1082
The OpenVAS entry confirms CVE-2000-1082 affects Microsoft SQL Server and MSDE via the Extended Stored Procedures interface. The issue is in xp_enumresultset, where the function does not properly restrict the length of a buffer before calling srv_paraminfo, enabling denial of service or arbitrary...
CVE-2000-1087
The CVE-2000-1087 vulnerability affects Microsoft SQL Server 2000 and MSDE, where the xp_proxiedmetadata function fails to properly restrict buffer length before invoking srv_paraminfo in the Extended Stored Procedures API. This can allow a local attacker to cause a denial of service or execute a...
CVE-2000-1084
The CVE-2000-1084 issue affects Microsoft SQL Server and SQL Server Desktop Engine (MSDE) via Extended Stored Procedures. The vulnerable component is xp_updatecolvbm, which does not properly restrict buffer length before calling srv_paraminfo in the XP API, enabling a potential denial of service ...
CVE-2000-1088
CVE-2000-1088 affects Microsoft SQL Server 2000 and MSDE via the Extended Stored Procedures API. The vulnerability lies in xp_SetSQLSecurity not properly restricting the buffer length before calling srv_paraminfo, enabling a attacker to cause a denial of service or execute arbitrary commands. The...
CVE-2003-0230
CVE-2003-0230 affects Microsoft SQL Server 7, 2000, and MSDE. The vulnerability allows local users to gain privileges by hijacking a named pipe during authentication, due to a flaw in how named pipes are checked by SQL Server when a client authenticates via a named pipe. Impact is privilege eleva...
CVE-2000-0202
CVE-2000-0202 affects Microsoft SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0. A malformed SELECT statement in an SQL query allows remote attackers to gain privileges. The connected OpenVAS entry corroborates multiple MSSQL vulnerabilities; however, exploitation details, affected versions b...
CVE-2002-0644
CVE-2002-0644 / CVE-2002-1137 describe a buffer overflow in the Database Consistency Checkers (DBCCs) of Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 . The vulnerability allows db_owner and db_ddladmin role members to execute arbitrary code due to overflow in DBCC input hand...
CVE-2000-1083
The CVE describes a buffer-length validation flaw in xp_showcolv within SQL Server and MSDE’s Extended Stored Procedures. The xp_showcolv path can overrun a buffer before srv_paraminfo is invoked, enabling denial of service or arbitrary command execution. Affected products are SQL Server and MSDE...
CVE-2002-1138
CVE-2002-1138 affects Microsoft SQL Server 7.0 and 2000, including MSDE 1.0 and MSDE 2000. The flaw is in Output File Handling for Scheduled Jobs: these components write output files for scheduled jobs under the SQL Server service account rather than the launching entity. This privilege mismatch ...
CVE-2000-1081
Microsoft SQL Server extended stored procedures vulnerability CVE-2000-1081 affects xp_displayparamstmt in SQL Server and MSDE. The issue arises from insufficiently restricting the input buffer length before calling srv_paraminfo in the Extended Stored Procedures API, enabling potential denial of...
CVE-2003-0232
CVE-2003-0232 affects Microsoft SQL Server 7, 2000, and MSDE. The issue is a buffer overflow in a Local Procedure Call (LPC) port that can be triggered by a specially crafted request, allowing a local attacker to execute arbitrary code with the SQL Server service account’s privileges. The vulnera...
CVE-2000-1085
The vulnerability CVE-2000-1085 affects Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE). It concerns the xp_peekqueue function, where the length of a buffer is not properly restricted before invoking srv_paraminfo in the SQL Server API for Extended Stored Procedures (XP). This coul...
CVE-2000-1086
The CVE-2000-1086 entry affects Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE). The vulnerability lies in the xp_printstatements function, which fails to properly restrict the length of a buffer before calling srv_paraminfo in the SQL Server API for Extended Stored Procedures (XP)...
CVE-2002-0645
Technical details for CVE-2002-0645 are not publicly provided in the connected documents; the available sources reference the vulnerability at a high level. Monitor for updates from official advisories.
CVE-2002-1137
CVE-2002-1137 describes a buffer overflow in the Database Console Command (DBCC) in Microsoft SQL Server 7.0 and 2000, including MSDE 1.0/MSDE 2000. The vulnerability stems from handling of user input, allowing an attacker to execute arbitrary code via a long SourceDB argument in a non-SQL OLEDB ...
CVE-2003-0231
Summary: CVE-2003-0231 affects Microsoft SQL Server 7.0, SQL Server 2000, and MSDE. A long request to a named pipe can trigger a denial of service, making the server unresponsive for local or remote authenticated users. The issue arises from how SQL Server interprets a return code from a named-pi...